use Net::SAML2::Protocol::Assertion;
use XML::Sig::OO;
use MIME::Base64;
 
# Lets assume we have a post binding response
my $saml_response=.....
 
my $xml=decode_base64($saml_response);
 
my $v=XML::Sig::OO->new(xml=>$xml,cacert=>'idp_cert.pem');
my $result=$v->validate;
die $result unless $result;
 
# we can now use the asertion knowing it was from our idp
my $assertion=Net::SAML2::Protocol::Assertion->new_from_xml(xml=>$xml)